Compare commits
3 commits
65c76aea2a
...
3c598debd5
| Author | SHA1 | Date | |
|---|---|---|---|
3c598debd5
|
|||
|
7a41aecef8
|
|||
|
3ede041796
|
22 changed files with 54 additions and 191 deletions
|
|
@ -7,5 +7,7 @@ _: {
|
|||
./ntfy.nix
|
||||
./proofs.nix
|
||||
./wiki.nix
|
||||
../../../shared/prometheus-exporters.nix
|
||||
../../../shared/promtail.nix
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
{ pkgs, lib, ... }:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
user = "mediaserver";
|
||||
group = "mediaserver";
|
||||
dataDir = "/mnt/data/bazarr";
|
||||
|
|
@ -8,7 +7,6 @@ let
|
|||
in
|
||||
{
|
||||
services.caddy.virtualHosts."bazarr.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:${toString port}
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,19 +1,13 @@
|
|||
_:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
in
|
||||
{
|
||||
_: {
|
||||
services = {
|
||||
caddy = {
|
||||
virtualHosts = {
|
||||
"jellyfin.local.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:8096
|
||||
'';
|
||||
};
|
||||
"jellyfin.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:8096
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,11 +1,6 @@
|
|||
_:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
in
|
||||
{
|
||||
_: {
|
||||
services = {
|
||||
caddy.virtualHosts."lidarr.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:8686
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,13 +1,11 @@
|
|||
{ pkgs, lib, ... }:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
user = "mediaserver";
|
||||
group = "mediaserver";
|
||||
dataDir = "/mnt/data/prowlarr";
|
||||
in
|
||||
{
|
||||
services.caddy.virtualHosts."prowlarr.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:9696
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,11 +1,6 @@
|
|||
_:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
in
|
||||
{
|
||||
_: {
|
||||
services = {
|
||||
caddy.virtualHosts."radarr.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:7878
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,11 +1,6 @@
|
|||
_:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
in
|
||||
{
|
||||
_: {
|
||||
services = {
|
||||
caddy.virtualHosts."readarr.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:8787
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,11 +1,6 @@
|
|||
_:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
in
|
||||
{
|
||||
_: {
|
||||
services = {
|
||||
caddy.virtualHosts."sonarr.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:8989
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,12 +1,7 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
in
|
||||
{
|
||||
{ pkgs, ... }: {
|
||||
services = {
|
||||
caddy = {
|
||||
virtualHosts."transmission.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:9091
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,16 +1,11 @@
|
|||
_:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
domainName = "blocky.rico1.labs.adtya.xyz";
|
||||
in
|
||||
{
|
||||
let domainName = "blocky.rico1.labs.adtya.xyz"; in {
|
||||
imports = [
|
||||
../../../shared/blocky.nix
|
||||
];
|
||||
services = {
|
||||
caddy = {
|
||||
virtualHosts."${domainName}" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:8080
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,8 +1,4 @@
|
|||
_:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
in
|
||||
{
|
||||
_: {
|
||||
imports = [
|
||||
./blocky.nix
|
||||
./prometheus.nix
|
||||
|
|
@ -14,25 +10,21 @@ in
|
|||
services.caddy = {
|
||||
virtualHosts = {
|
||||
"gateway.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 192.168.0.1:80
|
||||
'';
|
||||
};
|
||||
"ap1.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 192.168.1.1:80
|
||||
'';
|
||||
};
|
||||
"ap2.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 192.168.1.2:80
|
||||
'';
|
||||
};
|
||||
"switch.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 192.168.1.3:80
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,13 +1,8 @@
|
|||
_:
|
||||
let
|
||||
inherit (import ../../../../shared/caddy-helpers.nix) logFormat;
|
||||
domainName = "loki.labs.adtya.xyz";
|
||||
in
|
||||
{
|
||||
let domainName = "loki.labs.adtya.xyz"; in {
|
||||
services = {
|
||||
caddy = {
|
||||
virtualHosts."${domainName}" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:3100
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,13 +1,8 @@
|
|||
_:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
domainName = "prometheus.labs.adtya.xyz";
|
||||
in
|
||||
{
|
||||
let domainName = "prometheus.labs.adtya.xyz"; in {
|
||||
services = {
|
||||
caddy = {
|
||||
virtualHosts."${domainName}" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:9090
|
||||
'';
|
||||
|
|
@ -32,66 +27,57 @@ in
|
|||
scrapeConfigs = [
|
||||
{
|
||||
job_name = "ntfy";
|
||||
scheme = "https";
|
||||
metrics_path = "/ntfy-metrics";
|
||||
static_configs = [
|
||||
{ targets = [ "wynne.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "10.10.10.13:8081" ]; }
|
||||
];
|
||||
}
|
||||
{
|
||||
job_name = "caddy";
|
||||
scheme = "https";
|
||||
metrics_path = "/caddy-metrics";
|
||||
static_configs = [
|
||||
{ targets = [ "rico0.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "rico1.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "rico2.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "wynne.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "layne.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "10.10.10.1:2019" ]; }
|
||||
{ targets = [ "10.10.10.10:2019" ]; }
|
||||
{ targets = [ "10.10.10.11:2019" ]; }
|
||||
{ targets = [ "10.10.10.12:2019" ]; }
|
||||
{ targets = [ "10.10.10.13:2019" ]; }
|
||||
{ targets = [ "10.10.10.14:2019" ]; }
|
||||
];
|
||||
}
|
||||
{
|
||||
job_name = "postgres";
|
||||
scheme = "https";
|
||||
metrics_path = "/postgres-metrics";
|
||||
static_configs = [
|
||||
{ targets = [ "wynne.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "10.10.10.13:9187" ]; }
|
||||
];
|
||||
}
|
||||
{
|
||||
job_name = "systemd";
|
||||
scheme = "https";
|
||||
metrics_path = "/systemd-metrics";
|
||||
static_configs = [
|
||||
{ targets = [ "rico0.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "rico1.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "rico2.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "wynne.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "layne.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "10.10.10.1:9558" ]; }
|
||||
{ targets = [ "10.10.10.10:9558" ]; }
|
||||
{ targets = [ "10.10.10.11:9558" ]; }
|
||||
{ targets = [ "10.10.10.12:9558" ]; }
|
||||
{ targets = [ "10.10.10.13:9558" ]; }
|
||||
{ targets = [ "10.10.10.14:9558" ]; }
|
||||
];
|
||||
}
|
||||
{
|
||||
job_name = "smartctl";
|
||||
scheme = "https";
|
||||
metrics_path = "/smartctl-metrics";
|
||||
static_configs = [
|
||||
{ targets = [ "rico0.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "rico1.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "rico2.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "wynne.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "wynne.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "layne.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "10.10.10.10:9633" ]; }
|
||||
{ targets = [ "10.10.10.11:9633" ]; }
|
||||
{ targets = [ "10.10.10.12:9633" ]; }
|
||||
{ targets = [ "10.10.10.13:9633" ]; }
|
||||
{ targets = [ "10.10.10.14:9633" ]; }
|
||||
];
|
||||
}
|
||||
{
|
||||
job_name = "node";
|
||||
scheme = "https";
|
||||
static_configs = [
|
||||
{ targets = [ "rico0.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "rico1.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "rico2.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "wynne.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "layne.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "10.10.10.1:9100" ]; }
|
||||
{ targets = [ "10.10.10.10:9100" ]; }
|
||||
{ targets = [ "10.10.10.11:9100" ]; }
|
||||
{ targets = [ "10.10.10.12:9100" ]; }
|
||||
{ targets = [ "10.10.10.13:9100" ]; }
|
||||
{ targets = [ "10.10.10.14:9100" ]; }
|
||||
];
|
||||
}
|
||||
{
|
||||
|
|
@ -104,10 +90,8 @@ in
|
|||
}
|
||||
{
|
||||
job_name = "redis";
|
||||
scheme = "https";
|
||||
metrics_path = "/redis-metrics";
|
||||
static_configs = [
|
||||
{ targets = [ "rico1.labs.adtya.xyz" ]; }
|
||||
{ targets = [ "10.10.10.11:9121" ]; }
|
||||
];
|
||||
}
|
||||
];
|
||||
|
|
|
|||
|
|
@ -1,20 +1,16 @@
|
|||
_: {
|
||||
{ config, ... }: {
|
||||
services = {
|
||||
prometheus.exporters.redis = {
|
||||
enable = true;
|
||||
listenAddress = "127.0.0.1";
|
||||
listenAddress = config.nodeconfig.facts.wireguard-ip;
|
||||
port = 9121;
|
||||
};
|
||||
redis.servers = {
|
||||
blocky = {
|
||||
default = {
|
||||
enable = true;
|
||||
bind = "10.10.10.11";
|
||||
port = 6379;
|
||||
};
|
||||
caddy = {
|
||||
enable = true;
|
||||
bind = "10.10.10.11";
|
||||
port = 6380;
|
||||
extraParams = [ "--protected-mode no" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
{ config, ... }:
|
||||
let wireguard-peers = import ../shared/wireguard-peers.nix; in {
|
||||
let wireguard-peers = import ../../shared/wireguard-peers.nix; in {
|
||||
sops.secrets = {
|
||||
"wireguard/rico2/pk" = {
|
||||
mode = "400";
|
||||
|
|
|
|||
|
|
@ -1,13 +1,8 @@
|
|||
_:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
domainName = "alertmanager.labs.adtya.xyz";
|
||||
in
|
||||
{
|
||||
let domainName = "alertmanager.labs.adtya.xyz"; in {
|
||||
services = {
|
||||
caddy = {
|
||||
virtualHosts."${domainName}" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:9093
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,16 +1,11 @@
|
|||
_:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
domainName = "blocky.rico2.labs.adtya.xyz";
|
||||
in
|
||||
{
|
||||
let domainName = "blocky.rico2.labs.adtya.xyz"; in {
|
||||
imports = [
|
||||
../../../shared/blocky.nix
|
||||
];
|
||||
services = {
|
||||
caddy = {
|
||||
virtualHosts."${domainName}" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:8080
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,13 +1,8 @@
|
|||
_:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
domainName = "grafana.labs.adtya.xyz";
|
||||
in
|
||||
{
|
||||
let domainName = "grafana.labs.adtya.xyz"; in {
|
||||
services = {
|
||||
caddy = {
|
||||
virtualHosts."${domainName}" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy 127.0.0.1:9091
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
{ config, ... }:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
domainName = "homepage.labs.adtya.xyz";
|
||||
cfg = config.services.glance;
|
||||
in
|
||||
|
|
@ -8,7 +7,6 @@ in
|
|||
services = {
|
||||
caddy = {
|
||||
virtualHosts."${domainName}" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
reverse_proxy ${cfg.settings.server.host}:${toString cfg.settings.server.port}
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,53 +1,20 @@
|
|||
{ lib, config, ... }: {
|
||||
{ config, ... }: {
|
||||
services = {
|
||||
caddy =
|
||||
let
|
||||
vHost = "${config.networking.hostName}.labs.adtya.xyz";
|
||||
in
|
||||
{
|
||||
virtualHosts."${vHost}" = {
|
||||
extraConfig = ''
|
||||
handle /metrics {
|
||||
reverse_proxy ${config.services.prometheus.exporters.node.listenAddress}:${toString config.services.prometheus.exporters.node.port}
|
||||
}
|
||||
handle /smartctl-metrics {
|
||||
uri replace /smartctl-metrics /metrics
|
||||
reverse_proxy ${config.services.prometheus.exporters.smartctl.listenAddress}:${toString config.services.prometheus.exporters.smartctl.port}
|
||||
}
|
||||
handle /systemd-metrics {
|
||||
uri replace /systemd-metrics /metrics
|
||||
reverse_proxy ${config.services.prometheus.exporters.systemd.listenAddress}:${toString config.services.prometheus.exporters.systemd.port}
|
||||
}
|
||||
${lib.optionalString config.services.prometheus.exporters.postgres.enable ''
|
||||
handle /postgres-metrics {
|
||||
uri replace /postgres-metrics /metrics
|
||||
reverse_proxy ${config.services.prometheus.exporters.postgres.listenAddress}:${toString config.services.prometheus.exporters.postgres.port}
|
||||
}
|
||||
''}
|
||||
${lib.optionalString config.services.prometheus.exporters.redis.enable ''
|
||||
handle /redis-metrics {
|
||||
uri replace /redis-metrics /metrics
|
||||
reverse_proxy ${config.services.prometheus.exporters.redis.listenAddress}:${toString config.services.prometheus.exporters.redis.port}
|
||||
}
|
||||
''}
|
||||
'';
|
||||
};
|
||||
};
|
||||
prometheus.exporters = {
|
||||
node = {
|
||||
enable = true;
|
||||
listenAddress = "127.0.0.1";
|
||||
listenAddress = config.nodeconfig.facts.wireguard-ip;
|
||||
port = 9100;
|
||||
enabledCollectors = [ "systemd" "processes" ];
|
||||
};
|
||||
smartctl = {
|
||||
enable = true;
|
||||
listenAddress = "127.0.0.1";
|
||||
listenAddress = config.nodeconfig.facts.wireguard-ip;
|
||||
port = 9633;
|
||||
};
|
||||
systemd = {
|
||||
enable = true;
|
||||
listenAddress = "127.0.0.1";
|
||||
listenAddress = config.nodeconfig.facts.wireguard-ip;
|
||||
port = 9558;
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -1,28 +1,12 @@
|
|||
{ lib, config, ... }:
|
||||
let
|
||||
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
|
||||
domainName = "ntfy.acomputer.lol";
|
||||
in
|
||||
{
|
||||
{ lib, ... }:
|
||||
let domainName = "ntfy.acomputer.lol"; in {
|
||||
services = {
|
||||
caddy.virtualHosts = {
|
||||
"${config.networking.hostName}.labs.adtya.xyz" = {
|
||||
inherit logFormat;
|
||||
extraConfig = ''
|
||||
handle /ntfy-metrics {
|
||||
uri replace /ntfy-metrics /metrics
|
||||
reverse_proxy ${config.services.ntfy-sh.settings.metrics-listen-http}
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
ntfy-sh = {
|
||||
enable = true;
|
||||
settings = {
|
||||
base-url = "https://${domainName}";
|
||||
listen-http = "10.10.10.13:8080";
|
||||
metrics-listen-http = "127.0.0.1:8081";
|
||||
metrics-listen-http = "10.10.10.13:8081";
|
||||
auth-file = "/mnt/data/ntfy-sh/user.db";
|
||||
attachment-cache-dir = "/mnt/data/ntfy-sh/attachments";
|
||||
cache-file = "/mnt/data/ntfy-sh/cache-file.db";
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
services = {
|
||||
prometheus.exporters.postgres = {
|
||||
enable = true;
|
||||
listenAddress = "127.0.0.1";
|
||||
listenAddress = config.nodeconfig.facts.wireguard-ip;
|
||||
port = 9187;
|
||||
runAsLocalSuperUser = true;
|
||||
};
|
||||
|
|
|
|||
Loading…
Reference in a new issue